authorHannes Reinecke <hare@suse.de>2019-03-20 09:31:04 +0100
committerHannes Reinecke <hare@suse.de>2019-03-20 09:31:04 +0100
commit3bf2ca7fe8c25236b550dcfbd2b68d1ed2f35a1f (patch)
tree4931e9528666456d23c3e00e7f5c02840b82bf0f
parent227ca72ac635d5c91d5bce43a07206c880a0b6b3 (diff)
block_dev: fix crash on chained bios with O_DIRECT
(bsc#1128094).
-rw-r--r--patches.fixes/block_dev-fix-crash-on-chained-bios-with-O_DIRECT.patch41
-rw-r--r--series.conf1
2 files changed, 42 insertions, 0 deletions
diff --git a/patches.fixes/block_dev-fix-crash-on-chained-bios-with-O_DIRECT.patch b/patches.fixes/block_dev-fix-crash-on-chained-bios-with-O_DIRECT.patch
new file mode 100644
index 0000000000..8f2f809fd5
--- /dev/null
+++ b/patches.fixes/block_dev-fix-crash-on-chained-bios-with-O_DIRECT.patch
@@ -0,0 +1,41 @@
+From: Hannes Reinecke <hare@suse.de>
+Date: Wed, 20 Mar 2019 08:58:07 +0100
+Subject: [PATCH] block_dev: fix crash on chained bios with O_DIRECT
+Patch-Mainline: submitted linux-block 2019/03/20
+References: bsc#1128094
+
+__blkdev_direct_IO_simple() is allocating a bio on the stack.
+When that bio needs to be split bio_chain_endio() invokes bio_put()
+on this bio, causing the kernel to crash in mempool_free() as the
+bio was never allocated from a mempool in the first place.
+So call bio_get() before submitting to avoid this problem.
+
+Signed-off-by: Hannes Reinecke <hare@suse.com>
+---
+ fs/block_dev.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/fs/block_dev.c b/fs/block_dev.c
+index 7a9a14df1d82..4acd35663ae7 100644
+--- a/fs/block_dev.c
++++ b/fs/block_dev.c
+@@ -256,6 +256,7 @@ __blkdev_direct_IO_simple(struct kiocb *iocb, struct iov_iter *iter,
+ task_io_account_write(ret);
+ }
+
++ bio_get(&bio);
+ qc = submit_bio(&bio);
+ for (;;) {
+ set_current_state(TASK_UNINTERRUPTIBLE);
+@@ -275,7 +276,7 @@ __blkdev_direct_IO_simple(struct kiocb *iocb, struct iov_iter *iter,
+
+ if (unlikely(bio.bi_status))
+ ret = blk_status_to_errno(bio.bi_status);
+-
++ bio_put(&bio);
+ out:
+ if (vecs != inline_vecs)
+ kfree(vecs);
+--
+2.16.4
+
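Review bot: The reference counting added around `submit_bio(&bio)` in the embedded fs/block_dev.c change may not be balanced in the split case the description targets. `bio` is on the stack and, assuming bio_init() leaves its count at 1, `bio_get(&bio)` raises it to 2; if bio_chain_endio() does call bio_put() on this same bio, as the description states, then the new `bio_put(&bio)` before `out:` would be the second drop and could reach zero, which would send the stack bio down the free path again. Confirm which bio the chained completion actually puts, and document the intent at the call site, e.g. `/* on-stack bio: extra ref so a bio_put() from the completion path never frees it */`. The blank line before `out:` that the second embedded hunk replaces is worth keeping for readability. Only part of __blkdev_direct_IO_simple() is visible in either hunk, so paths that reach `out:` from earlier in the function could not be checked here.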
diff --git a/series.conf b/series.conf
index bc9837935a..5f9e7d6d75 100644
--- a/series.conf
+++ b/series.conf
@@ -20963,6 +20963,7 @@
patches.suse/cifs-fix-set-info.patch
patches.suse/0001-drm-vmwgfx-Don-t-double-free-the-mode-stored-in-par-.patch
patches.arch/pseries-energy-Use-OF-accessor-function-to-read-ibm-.patch
+ patches.fixes/block_dev-fix-crash-on-chained-bios-with-O_DIRECT.patch
########################################################
# end of sorted patches